seo-technical

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute local Python scripts using the shell, passing a user-supplied URL as a command-line argument. If the URL is not properly validated by the agent or the script, it could lead to command injection.
      • Evidence: python scripts/pagespeed_check.py <url> --json (SKILL.md)
      • Evidence: python scripts/crux_history.py <url> --json (SKILL.md)
      • Evidence: python scripts/gsc_inspect.py <url> --json (SKILL.md)
  • [PROMPT_INJECTION]: The skill is designed to process external data retrieved from target websites (meta tags, robots.txt, sitemaps, and JavaScript content), which represents a classic surface for indirect prompt injection.
      • Ingestion points: Scraped content, meta tags, and robots.txt files from the target audit URL (SKILL.md).
      • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external content as untrusted data rather than instructions.
      • Capability inventory: The skill can write to the local file system (.seo-cache/) and execute subprocesses (python scripts/...).
      • Sanitization: The skill does not mention any validation or sanitization of retrieved web content before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 16, 2026, 08:38 AM